package cn.wolfcode.web.controller;

import cn.wolfcode.domain.Employee;
import cn.wolfcode.exception.LogicException;
import cn.wolfcode.qo.JSONResult;
import cn.wolfcode.service.IEmployeeService;
import cn.wolfcode.service.IPermissionService;
import cn.wolfcode.util.MD5Utils;
import cn.wolfcode.util.UserContext;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;
import java.util.List;

@Controller
public class LoginController {

    //不使用shiro的方式
    //@Autowired
    //private IEmployeeService employeeService;
    //
    //@Autowired
    //private IPermissionService permissionService;
    //
    //@RequestMapping("/login")
    //@ResponseBody                                             // 创建session
    //public JSONResult login(String username, String password, HttpSession session) {
    //
    //    System.out.println("进入了login");
    //    Employee employee = employeeService.login(username, password);
    //    // 把登录成功的用户存存到session当中
    //    UserContext.setCurrentUser(employee);
    //
    //    // 判断是否是超级管理员
    //    if(!employee.isAdmin()) {
    //        List<String> expressions = permissionService.selectByExpressionByEmpId(employee.getId());
    //        UserContext.setExpressions(expressions);
    //    }
    //    //int a = 1 / 0;
    //
    //    return new JSONResult();
    //}
    //
    //
    //@RequestMapping("/logout")
    //public String logout(HttpSession session) {
    //    session.invalidate();
    //    return "redirect:/login.html";
    //}

    @RequestMapping("/login")
    @ResponseBody                                             // 创建session
    public JSONResult login(String username, String password, HttpSession session) {
        try {
            // 获取subject主体
            Subject subject = SecurityUtils.getSubject();
            //System.out.println("subject: " + subject);
            //System.out.println("subject.getPrincipal: " + subject.getPrincipal());
            subject.getSession();
            // 获取令牌
            System.out.println(MD5Utils.getCipher(password));
            UsernamePasswordToken token = new UsernamePasswordToken(username, MD5Utils.getCipher(password));
            // 使用shiro提供的api来登录
            subject.login(token);
            //System.out.println("login----------");
            System.out.println(SecurityUtils.getSubject().getPrincipal());
            return new JSONResult();
        } catch (UnknownAccountException e) {
            e.printStackTrace();
            return new JSONResult(false, "用户名不存在");
        } catch (IncorrectCredentialsException e) {
            e.printStackTrace();
            return new JSONResult(false, "密码错误");
        } catch (AccountException e) {
            e.printStackTrace();
            return new JSONResult(false, e.getMessage());
        }
    }

}
